Through this blog I hope I can share something and help others and of course learn something. Don't hesitate to ask me OK!

Wednesday, April 23, 2008

Installing Clamav antivirus on Samba in Ubuntu

Many people use Samba in their file server to let Windows users share their files there. But some people just doesn't care if they have shared virus infected files. The other users merely become the victim.

So, lets arm our Samba to protect users from viruses hidden in the shared directories. In Ubuntu and other *nix distros, we can use free Clamav antivirus plugged in to Samba which is called clamav-scan. *nix distros usually provide ready-to-install binary of clamav-scan. But Ubuntu does not. So you must compile the plug in manually.

Enough for the intro, now we'll begin arming the Samba in Ubuntu (my Ubuntu version is 7.04 feisty fawn) . Don't be rush. You must follow test instruction before proceeding the next step.

Add some values in samba config file: /etc/samba/smb.conf. We may add this line under [global] configuration or specific directory configurationvfs objects = vscan-clamav vscan-clamav: config-file = /etc/samba/vfs-config/vscan-clamav.conf5. We must recompile vscan-clamav if we upgrade our Samba. To lock Samba version from upgrading, we must do this:echo samba hold | dpkg --set-selections echo samba install | dpkg --set-selections

6. Now restart Samba /etc/init.d/samba restart

7. See vscan-clamav in action

Just copy /usr/share/clamav-testfiles to shared writable directory of Samba so it can be accessed by Windows users. The files inside are harmless to Windows but make clamav assume them as infected files.

We can see that Samba has denied us from copying the file out. Instead we'll see the files has been moved to /tmp/var-*****.

Later, we can see that Samba users can not copy infected files into the shared directory of Samba.

Compiling global/vscan-functions.c with -fPICIn file included from /usr/src/sources/samba3-vscan-0.4.0-snapshot1/include/vscan-global.h:4,from global/vscan-functions.c:15:/usr/src/sources/samba-3.0.26a/source/include/includes.h:102:31: error: system/capability.h: No such file or directory/usr/src/sources/samba-3.0.26a/source/include/includes.h:103:24: error: system/dir.h: No such file or directory...................

I saw, Ichsan posted a reply, but unfortunately I speak only English and German :)Can anybody help and translate it to Engish? Thanks!

I have used this before with ubuntu 8.04 but it doesn't work with 10.04At part 3 I get the following error::~/samba-3.4.7~dfsg# ./debian/rules configure-stampmake: *** No rule to make target `configure-stamp'. Stop.